GRCon20 - Security Analysis of Zigbee Networks with Zigator and GNU Radio

Presented by Dimitrios-Georgios Akestoridis, Madhumitha Harishankar, Michael Weber and Patrick Tague at GNU Radio Conference 2020 https://gnuradio.org/grcon20 Zigbee is a wireless communication protocol that is based on the IEEE 802.15.4 standard and is commonly used in smart homes. Numerous smart home devices that do not require a high-data-rate connection, such as smart door locks and smart motion sensors, utilize the Zigbee protocol to conserve their energy and minimize their manufacturing cost. However, due to the typical capabilities of these devices, the security of a Zigbee network can affect the physical security of smart home residents. Therefore, it is important for independent researchers to be able to analyze the security of operational Zigbee networks. We developed Zigator in order to gain insights from captured Zigbee packets, which lead to the implementation of novel selective jamming and spoofing attacks. We used GNU Radio, with the gr-ieee802-15-4 and gr-foo modules, to capture Zigbee packets and analyze the effectiveness of the implemented attacks. Our findings were responsibly disclosed to the Zigbee Alliance, while our dataset of captured Zigbee packets is publicly available. In this presentation we will primarily focus on our design choices for our testbed, such as scenarios where the use of a software-defined radio was preferred over an IEEE 802.15.4 USB adapter and vice versa.